Re: nftables: Anonymous vs. Named Set (ipv4_addr with netmask)

On 21 March 2016 at 04:44, Garrett . <orthostatic@xxxxxxxxx> wrote:
> Example One - Anonymous Set with Subnet
> -------------------
> nft -i
> nft> add rule filter input meta iifname "eth1" ip saddr { 10.0.0.0/8,192.168.0.0/16 } counter log drop
> nft> list sets
>
> set set0 {
>     type ipv4_addr
>     flags constant,interval
>     elements = { 10.0.0.0/8, 192.168.0.0/16}
> }
>

This case is a fixed bug, see
http://git.netfilter.org/nftables/commit/?id=df5e71ba390dc574c50f0977f741d56cbc137034

>
> Example Two - Named Set, type ipv4_addr, Subnet Add Fails
> -------------------
> nft -i
> nft> add set filter rfc1918 { type ipv4_addr;}
> nft> add element filter rfc1918 { 172.16.0.0/12 }
> *** nft: netlink.c:326: netlink_gen_data: Assertion '0' failed. ***
> nft -i
> nft> list sets
>
> set rfc1918 {
>     type ipv4_addr
> }

Also a bug, however the code has changed since your version.

Please try to test the latest git version.

Best regards.
-- 
Arturo Borrero González